<!DOCTYPE html>
<meta charset="utf-8"/>
<script src="/resources/testharness.js"></script>
<script src="/resources/testharnessreport.js"></script>
<script src="/cookies/resources/cookie-helper.sub.js"></script>
<script>
  promise_test(async function(t) {
    let w = window.open(SECURE_ORIGIN + "/cookies/samesite/resources/puppet.html");
    await wait_for_message("READY", SECURE_ORIGIN);
    let random = "" + Math.random();
    w.postMessage({type: "set", value: random}, "*");
    let e = await wait_for_message("set-complete", SECURE_ORIGIN)
    assert_dom_cookie("samesite_strict", e.data.value, true);
    assert_dom_cookie("samesite_lax", e.data.value, true);
    assert_dom_cookie("samesite_none", e.data.value, true);
    assert_dom_cookie("samesite_unspecified", e.data.value, true);
    w.close();
  }, "Same-site window should be able to set `SameSite=Lax` or `SameSite=Strict` cookies.");

  promise_test(async function(t) {
    let w = window.open(SECURE_CROSS_SITE_ORIGIN + "/cookies/samesite/resources/puppet.html");
    await wait_for_message("READY", SECURE_CROSS_SITE_ORIGIN);
    let random = "" + Math.random();
    w.postMessage({type: "set", value: random}, "*");
    let e = await wait_for_message("set-complete", SECURE_CROSS_SITE_ORIGIN);
    assert_dom_cookie("samesite_strict", e.data.value, false);
    assert_dom_cookie("samesite_lax", e.data.value, false);
    assert_dom_cookie("samesite_none", e.data.value, true);
    assert_dom_cookie("samesite_unspecified", e.data.value, false);
    w.close();
  }, "Cross-site window shouldn't be able to set `SameSite=Lax` or `SameSite=Strict` cookies.");
</script>
